summaryrefslogtreecommitdiff
path: root/include/image.h
diff options
context:
space:
mode:
authorAlexandru Gagniuc <mr.nuke.me@gmail.com>2021-02-19 21:45:17 +0300
committerTom Rini <trini@konsulko.com>2021-04-14 22:23:01 +0300
commit36bfcb62b3e7b846d0b693828df54a0d58e07511 (patch)
tree03d50859acde65af4076bd5565c71e3ae765a3c7 /include/image.h
parentfb6532ec6c0c247dc204f65cb298d0865f7eaf3b (diff)
downloadu-boot-36bfcb62b3e7b846d0b693828df54a0d58e07511.tar.xz
mkimage: Add a 'keyfile' argument for image signing
It's not always desirable to use 'keydir' and some ad-hoc heuristics to get the filename of the signing key. More often, just passing the filename is the simpler, easier, and logical thing to do. Since mkimage doesn't use long options, we're slowly running out of letters. I've chosen '-G' because it was available. Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org>
Diffstat (limited to 'include/image.h')
-rw-r--r--include/image.h16
1 files changed, 12 insertions, 4 deletions
diff --git a/include/image.h b/include/image.h
index f172b1224d..3ff3c035a7 100644
--- a/include/image.h
+++ b/include/image.h
@@ -1136,9 +1136,10 @@ int fit_cipher_data(const char *keydir, void *keydest, void *fit,
* 0, on success
* libfdt error code, on failure
*/
-int fit_add_verification_data(const char *keydir, void *keydest, void *fit,
- const char *comment, int require_keys,
- const char *engine_id, const char *cmdname);
+int fit_add_verification_data(const char *keydir, const char *keyfile,
+ void *keydest, void *fit, const char *comment,
+ int require_keys, const char *engine_id,
+ const char *cmdname);
int fit_image_verify_with_data(const void *fit, int image_noffset,
const void *data, size_t size);
@@ -1256,10 +1257,17 @@ void image_set_host_blob(void *host_blob);
#endif
#endif /* IMAGE_ENABLE_FIT */
-/* Information passed to the signing routines */
+/*
+ * Information passed to the signing routines
+ *
+ * Either 'keydir', 'keyname', or 'keyfile' can be NULL. However, either
+ * 'keyfile', or both 'keydir' and 'keyname' should have valid values. If
+ * neither are valid, some operations might fail with EINVAL.
+ */
struct image_sign_info {
const char *keydir; /* Directory conaining keys */
const char *keyname; /* Name of key to use */
+ const char *keyfile; /* Filename of private or public key */
void *fit; /* Pointer to FIT blob */
int node_offset; /* Offset of signature node */
const char *name; /* Algorithm name */
generated by cgit v1.2.3 (git 2.39.0) at 2024-09-03 23:05:50 +0300